10-18-2012 11:59 AM
Hi all. Getting ready to implement HP Server Automation in a secure environment. I need to know if the SSL communication between the various components is FIPS 140-2 compliant or if it can be implemented as such.
Specifically, processes on ports 1002 (agent), 2001 and 2003 (Core servers) and 3001 (Satellite).
Thanks in advance.
Solved! Go to Solution.
11-08-2012 04:55 PM
I'm not really familiar with FIPS 140-2, but the connections you're talking about support TLS 1.0, which I believe is FIPS compliant and can be modified to support the hardware crypotgraphic modules that FIPS 140-2 talks about.
Some information from one of the connections:
The identity of this website has not been verified.
• Server's certificate does not match the URL.
• Server's certificate is not trusted.
• Server's certificate is signed using a weak signature algorithm
Your connection to example.acme.com is encrypted with 128-bit encryption.
The connection uses TLS 1.0.
The connection is encrypted using RC4_128, with SHA1 for message authentication and RSA as the key exchange mechanism.
The connection does not use SSL compression.
The server does not support the TLS renegotiation extension.
Hope this helps somewhat.
11-14-2012 11:02 AM
Thanks sjmh. I found from HP that the product uses openSSL. Hp is currently creating a release with 140-2 compliant encryption implemented. I guess look for that coming soon.